Appl. No. 
Filed 



09/965,968 
September 26, 2001 



REMARKS 

The foregoing amendments are responsive to the June 13, 2006 Office Action. Applicant 
respectfully request reconsideration of the present application in view of the foregoing 
amendments and the following remarks. 

Please charge any additional fees, including any fees for additional extension of time, or 
credit overpayment to Deposit Account No. 11-1410. 

Response to Rejection of Claims 13 and 15-16 Under 35 U.S.C. 103(a) 

The Examiner rejected Claims 13 and 15-16 under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent No. 6,351,811 to Groshon et al. ("Groshon"), in view of European 
Patent No. 467,239 to Bianco, and further in view of U.S. Patent No. 5,537,585 to Blickenstaff et 
al. (Blickenstaff), U.S. Patent No. 6,880,083 to Korn, and U.S. Patent No. 5,812,398 to Nielsen. 

The newly-cited reference, Nielsen, teaches a firewall circumvention method wherein a 
file to be backed up on the escrow computer is embedded in an email message sent from the host 
computer to the escrow computer. Thus, while Nielsen does show the physical arrangement of 
two servers separated by a firewall, it is not obvious to combine Nielsen with four additional 
references to produce the claimed system. 

The Examiner argues that one cannot show nonobviousness by individually attacking 
references in a combination. Applicant respectfully notes that in discussing each reference, 
Applicant has shown how the reference either teaches away from the claimed invention or does 
not teach or suggest use in a combination to produce the claimed invention. In making a 
combination, the claimed invention must be considered as a whole. "Casting an invention as a 
combination of old elements leads improperly to an analysis of the claimed invention by the 
parts, not by the whole. Custom Accessories, Inc. v Jeffrey-Allan Industries, Inc. 807 F.2d 955, 1 
USPQ2d 1196 (Fed. Cir. 1986). In the present case, the Examiner has combined five different 
references to try and describe the claimed invention. Applicant has shown that the relevant 
teachings of each reference differ substantially from the claimed invention (e.g., single 
public/backup server in Groshon, browser-side validation in Korn, etc.). To obtain the claimed 
invention, various teachings in the five references must be ignored or modified for reasons that 
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Accordingly, Applicant asserts that Claims 13 and 15-16 are allowable over the prior art, 
and Applicant requests allowance of Claim 13 and 15-16. 

Response to Rejection of Claim 14 Under 35 U.S.C. 103(a) 

The Examiner rejected Claim 14 under 35 U.S.C. 103(a) as being unpatentable over the 
modified Groshon, Korn, Bianco, Blickenstaff, and Neilson. 

As discussed above, Applicant respectfully submits that the cited combination of prior art 
references and modifications to the teachings of the references are non-obvious. 

Regarding Claim 14, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 13, wherein the encryption comprises chaos encryption technology to 
do encryption and decryption of the web-content for increasing the web server response speed 
and increasing security strong of whole system. 

Response to Rejection of Claims 17-28 Under 35 U.S.C. 103(a) 

The Examiner rejected Claims 17-28 under 35 U.S.C. 103(a) as being unpatentable over 
the modified Groshon, Bianco, Neilson and Blickenstaff, in view of Menezes et al. (Handbook of 
Applied Cryptography) and further in view of Thomson. 

As discussed above, Applicant respectfully submits that the cited combination of prior art 
references and modifications to the teachings of the references are non-obvious. 

Regarding Claim 17, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 16, wherein the symmetric-key encryption is selected from a group 
consisting essentially of DES, 3DES and AES. 

Regarding Claim 18, the cited prior art does not teach or suggest an anti-alteration system 
for web-content having a public-web-server configured to store safe-web-contents that have been 
provided with header information including a MAC (Message Authentication Code) generated 
from the original web-content, and properties of the original-web-content including, name, size, 
date, and location thereof, a private-web-server configured to store the original web-content the 
public-web-server provided to the private-web-server through a firewall, the private-web-server 
configured to separate the header information from a requested safe-web-file, and using the MAC 
(Message Authentication Code) included in the header information to check an authenticity of 
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are not obvious. Taken as a whole, the weight of evidence shows that the combination and 
modification of the five references to described the claimed invention is non-obvious. 

Further evidence of non-obviousness is found in the fact that the BitShield Corp 3GWeb- 
1-2400 product, which is based on the claimed invention, was a "2005 Best of Interop" award 
winner (as disclosed in the Office Action Response filed July 21, 2005 in response to the first 
Office Action). The award was based in part on "[h]ow the product advances the state of the art 
for networking . . . ." (See e.g., Litton Systems, Inc. v. Honeywell, Inc. 87 F.3d 1559, 39 
USPQ2d 1321 (Fed. Cir. 1996) (tributes from others of skill in the art as evidence of non- 
obviousness.) Applicant has provided herewith a declaration under 37 C.F.R. 1 . 132 in support. 

Regarding Claim 13, the cited prior art does not teach or suggest an anti-alteration system 
for web-content having a public-web-server configured to create safe-web-files encrypted from 
original web-content including one or more types of static files and one or more types of dynamic 
files, and configured to provide HTTP web server functions, a private-web-server configured to 
provide the original web-content the public-web-server provided to the private-web-server 
through a firewall, wherein when a web visitor's request is received, the public- web-server is 
configured to verify that the safe-web-file has not been improperly altered, deleted or replaced, 
the public-web-server further configured to decrypt one or more of the safe-web-files and 
respond to the visitor, and the public-web-server further configured to automatically send a 
recovery request to the private-web-server when the public-web-server detects an unauthorized 
alteration of the safe-web-files, the private-web-server, in response to the recovery request, 
configured to send the safe-web-files to the public server. 

Regarding Claim 15, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 13, further comprising a real-time-check module used on the public- 
web-server computer for linking to a decryption module, wherein the decryption module is 
configured to decrypt one or more of the safe-web-files in response to an HTTP request received 
from the web visitor. 

Regarding Claim 16, the cited prior art does not teach or suggest the anti-alteration 
system as recited in Claim 15, further comprising a real-time-check module configured to use 
symmetric-key encryption to decrypt one or more of the safe-web-files when the web visitor's 
request is received. 
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the safe-web-file, and the public-web-server configured to add new header information to the 
original web-content to create a new safe-web-file on the private-web-server computer when an 
unauthorized alteration of the safe-web-file is detected, wherein the new safe-web-file is sent to 
the public-web-server computer to automatically restore the altered safe-web-file. 

Regarding Claim 19, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 18, further comprising a real-time-check module used on the public- 
web-server computer for linking to an authentication module, wherein the authentication module 
is configured to provide authentication of the safe-web-file in response to a request received from 
the web visitor though http protocol. 

Regarding Claim 20, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 19, wherein the real-time-check module uses a message 
authentication technology using chaos theory to check whether the safe-web-content has been 
altered. 

Regarding Claim 21, the cited prior art does not teach or suggest he anti-alteration 
system, as recited in Claim 18, wherein the real-time-check module that is configured to link the 
public-web-server services by using at least one message authentication technology selected from 
a group consisting essentially of MD4, MD5, and SHA. 

Regarding Claim 22, the cited prior art does not teach or suggest an anti-alteration system 
for web-content having a public-web-server computer, configured to store safe-web-files which 
have been encrypted from original web-contents and have been provided with header 
information, the header information including a MAC (Message Authentication Code) generated 
from authentication checking the original web-content and properties including name, size, date, 
and storage location thereof, a private-web-server computer which retains the original web- 
content and which is provided to the public-web-server computer through a firewall, a real-time- 
check module, in response to a web visitor's request safe-web file, the real-time-check module 
configured to separate the a header information from the safe-web-file using a MAC (Message 
Authentication Code) included in the header information to authenticate the safe-web-file by 
comparing the header information with separate header information, and a recovery module, 
when an unauthorized alteration of the safe-web-file is detected, the recovery module configured 
to encrypt the original web-content and add header information to the original web-content to 
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create a new safe-web-file on the private-web-server computer, sending the new safe-web-file to 
the public-web-server computer to automatically restore the safe- web-file which has been altered. 

Regarding Claim 23, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 22, wherein the recovery module uses chaos encryption technology to 
do encryption and decryption. 

Regarding Claim 24, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 22, wherein the real-time-check module is configured to provide 
authentication of the safe-web-file in response to a request received from the web visitor though 
http protocol. 

Regarding Claim 25, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 23, wherein the real-time-check is configured to use a symmetric-key 
encryption to decrypt the safe- web-contents in response to the web visitor's request. 

Regarding Claim 26, the cited prior art does not teach or suggest the anti-alteration 
system, recited in Claim 25, wherein the symmetric-key encryption is selected from a group 
consisting essentially of DES, 3DES, RC4 and AES. 

Regarding Claim 27, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 24, wherein the real-time-check module uses a message 
authentication technology using chaos theory to check whether the safe-web-content has been 
altered. 

Regarding Claim 28, the cited prior art does not teach or suggest the anti-alteration 
system, as recited in Claim 24, wherein the real-time-check module uses at least one of MD4, 
MD5, and SHA for message authentication. 

Accordingly, Applicant asserts that Claims 17-28 are allowable over the prior art, and 
Applicant requests allowance of Claim 17-28. 

Summary 

Applicant respectfully assert that Claims 13-28 are in condition for allowance, and 
Applicant request allowance of Claims 13-28. If there are any remaining issues that can be 
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resolved by a telephone conference, the Examiner is invited to call the undersigned attorney at 
(949) 721-6305 or at the number listed below. 

Respectfully submitted, 

KNOBBE, MARTENS, OLSON & BEAR, LLP 



Dated: September 12, 2006 By: ^//>>v^h 

Lee W. Henderson Ph.D. 
Registration No. 41,830 
Attorney of Record 
Customer No. 20,995 
(949) 760-0404 
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